This topic explains how to use Internet Information Services
(IIS) Manager to configure
Microsoft Office Outlook Web Access virtual
directories to use Secure Sockets Layer (SSL). By default, when you
install the Client Access server role on a server that is
running Microsoft Exchange Server 2007, four
Outlook Web Access virtual directories are created in the
default IIS Web site on the Exchange server. The four virtual
directories are named \owa, \exchange, \public, and \exchweb. By
default, these virtual directories and the default Web site are
configured to require SSL.

If you want to use SSL to help secure additional
Outlook Web Access virtual directories or Web sites
that you have created, you must do so manually. To configure a site
to use SSL, you must obtain a certificate and configure the Web
site or virtual directory to require SSL by using that
certificate.

Before You Begin

To perform the following procedures, the account you
use must be delegated the following:

Exchange Server Administrator role and local Administrators
group for the target server

For more information about permissions, delegating
roles, and the rights that are required to administer Exchange
Server 2007, see Permission
Considerations.

Procedure

To use IIS Manager to configure
SSL on Outlook Web Access virtual directories

In IIS Manager, select the Default Web site or
the Web site where you are hosting your
Outlook Web Access virtual directories, and then click
Properties.

On the Directory Security tab, in Secure
Communications, click Edit.

In Secure Communications, select Require
Secure Channel (SSL).

Note:

If you are using an SSL certificate that was created during
Microsoft Exchange Setup, an error message will appear to
notify you that the certificate is not a trusted certificate. Make
sure that you trust the certification authority (CA) that issued
the certificate or use an SSL certificate that is trusted by your
CA.

Click OK to save your changes.

After you complete this procedure, all
Outlook Web Access virtual directories on the Web site
for which you have not explicitly disabled SSL will be configured
to use SSL.